[Webkit-unassigned] [Bug 190656] useProbeOSRExit causes failures for Win64 DFG JIT

bugzilla-daemon at webkit.org
Tue Oct 23 15:24:43 PDT 2018


https://bugs.webkit.org/show_bug.cgi?id=190656

--- Comment #2 from Stephan Szabo <stephan.szabo at sony.com> ---
Adding a little bit of information from what was seen today.

The value that appears to come through for operationPutGetterSetter's encodedGetterValue seems to be the same value that was used in the prior call to operationPutByIdStrictOptimize's uid (which is also the fifth argument to that call).

The timeline with probe on seems to be:
operationNewFunction is called and seems to return in rax the value that we would want to use later as encodedGetterValue
ctiMasmProbeTrampoline is started
 - goes into executeProbe and then executeOSRExit and some more before leaving
operationPutByIdNonStrictOptimize is called and a value is placed into memory for the uid value.
operationPutGetterSetter is called and the value on the stack for the fifth argument has the same value as what was passed to the previous call as uid.
